linux/security/integrity/ima
Mimi Zohar 1adace9bb0 ima: remove unnecessary call to ima_must_measure
The original ima_must_measure() function based its results on cached
iint information, which required an iint be allocated for all files.
Currently, an iint is allocated only for files in policy.  As a result,
for those files in policy, ima_must_measure() is now called twice: once
to determine if the inode is in the measurement policy and, the second
time, to determine if it needs to be measured/re-measured.

The second call to ima_must_measure() unnecessarily checks to see if
the file is in policy. As we already know the file is in policy, this
patch removes the second unnecessary call to ima_must_measure(), removes
the vestige iint parameter, and just checks the iint directly to determine
if the inode has been measured or needs to be measured/re-measured.

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: Eric Paris <eparis@redhat.com>
2011-02-23 16:38:52 -05:00
..
ima.h ima: remove unnecessary call to ima_must_measure 2011-02-23 16:38:52 -05:00
ima_api.c ima: remove unnecessary call to ima_must_measure 2011-02-23 16:38:52 -05:00
ima_audit.c
ima_crypto.c
ima_fs.c
ima_iint.c IMA: remove IMA imbalance checking 2011-02-10 07:51:44 -05:00
ima_init.c
ima_main.c ima: remove unnecessary call to ima_must_measure 2011-02-23 16:38:52 -05:00
ima_policy.c ima: fix add LSM rule bug 2011-01-03 16:36:33 -08:00
ima_queue.c
Kconfig
Makefile